GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,869
Erlang
29
GitHub Actions
16
Go
1,717
Maven
4,951
npm
3,480
NuGet
605
pip
3,026
Pub
10
RubyGems
832
Rust
776
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,542 advisories
Filter by severity
mySCADA myPRO: Versions 8.20.0 and prior has a feature where the firmware can be updated, which...
Critical
Unreviewed
CVE-2021-43984
was published
Dec 24, 2021
mySCADA myPRO: Versions 8.20.0 and prior has a vulnerable debug interface which includes a ping...
Critical
Unreviewed
CVE-2021-44453
was published
Dec 24, 2021
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via...
High
Unreviewed
CVE-2021-3621
was published
Dec 24, 2021
An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute...
Critical
Unreviewed
CVE-2021-21872
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd...
Critical
Unreviewed
CVE-2021-21873
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd...
Critical
Unreviewed
CVE-2021-21875
was published
Dec 23, 2021
Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests. An...
Critical
Unreviewed
CVE-2021-21876
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd...
Critical
Unreviewed
CVE-2021-21874
was published
Dec 23, 2021
Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests. An...
Critical
Unreviewed
CVE-2021-21877
was published
Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner...
Critical
Unreviewed
CVE-2021-21881
was published
Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of...
High
Unreviewed
CVE-2021-21882
was published
Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality...
Critical
Unreviewed
CVE-2021-21883
was published
Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager SslGenerateCSR functionality of...
Critical
Unreviewed
CVE-2021-21884
was published
Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate...
Critical
Unreviewed
CVE-2021-21888
was published
Dec 23, 2021
OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One...
High
Unreviewed
CVE-2020-8105
was published
Dec 21, 2021
FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. This...
High
Unreviewed
CVE-2021-42912
was published
Dec 17, 2021
Two methods of a utility class in SAP NetWeaver AS ABAP - versions 700, 701, 702, 710, 711, 730,...
High
Unreviewed
CVE-2021-44235
was published
Dec 15, 2021
A violation of secure design principles in Fortinet Meru AP version 8.6.1 and below, version 8.5...
High
Unreviewed
CVE-2021-42759
was published
Dec 10, 2021
An unauthenticated command injection vulnerability exists in multiple parameters in the Gryphon...
High
Unreviewed
CVE-2021-20138
was published
Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the...
High
Unreviewed
CVE-2021-20139
was published
Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 32 in...
High
Unreviewed
CVE-2021-20141
was published
Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 10 in...
High
Unreviewed
CVE-2021-20140
was published
Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 41 in...
High
Unreviewed
CVE-2021-20142
was published
Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 48 in...
High
Unreviewed
CVE-2021-20143
was published
Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 49 in...
High
Unreviewed
CVE-2021-20144
was published
Dec 10, 2021
ProTip!
Advisories are also available from the
GraphQL API